Elliptic: Drift Attack Incident Suspected to be Orchestrated by North Korean Hacker Group

BlockBeats News, April 2nd, according to CoinDesk, blockchain analytics company Elliptic stated that Drift Protocol suffered a $285 million attack, with "multiple signs" pointing to a North Korea-backed DPRK hacker group. Elliptic focused on-chain behavior, money laundering techniques, and network-level signals, all consistent with previous related attacks. The Elliptic report stated: "If confirmed, this would be the 18th DPRK-linked attack Elliptic has tracked this year, totaling over $300 million stolen to date."

Technical-wise, Elliptic's analysis described this attack as "premeditated, well-orchestrated," with early test transactions and pre-positioned wallets before the main attack. After the attack, funds were swiftly consolidated and moved through cross-chain transfers, converted into more liquid assets, establishing an organized, repeatable money laundering process aimed at obfuscating the fund's origin while maintaining control.

This event involved over ten asset types, with funds moving from Solana to Ethereum and other chains, further highlighting the importance of cross-chain tracing capabilities. Drift Protocol is the largest decentralized perpetual contract trading platform on the Solana blockchain, with its token plummeting over 40% to around $0.06 since the hack.